Software vulnerabilities are often exploited to attack user computers or steal personal data. The term “vulnerability” characterizes a particular defect or shortcoming in the software that can be utilized by a hacker for illegal purposes. As a rule, a vulnerability arises as a result of some error in the software. Vulnerabilities may be found in the majority of popular applications and operating systems. In order to exploit a vulnerability of a particular application, the hacker must have special software that utilizes the vulnerabilities in the applications. Such software is commonly referred to as an “exploit”. An exploit is a malicious code that conventionally consists of two parts. The first part of the exploit code makes it possible to utilize a specific vulnerability in a particular application in order to make it possible to utilize the second part of the exploit code, which is generally known as the “payload”. This “payload” makes it possible for the hacker to perform certain unlawful actions. An example of unlawful actions are those actions aimed at breaching the integrity of the operations of an application and actions making it possible to increase the level of privileges of the hacker in the operating system. These unlawful actions allow the hacker to obtain the information he needs about the users of the particular computer, such as confidential information.
The developers of software and the administrators of computer networks devote great efforts to discovering and then correcting vulnerabilities in applications. However, due to the complexity of modern software, it is almost impossible to find absolutely all vulnerabilities. Therefore, in the event of discovering a vulnerability in software, the software developers strive to correct the discovered vulnerability as soon as possible. For this, application developers create an update for the particular application that eliminates the vulnerability found in the application. But it takes time to create and then send out the update for the application that eliminates the vulnerability found in the application, which can be utilized by hackers in the event they should find such a vulnerability. Moreover, even if an update is provided to the users for vulnerable applications, the users might not install the updates for a very long time, e.g., months or even years. There may be various reasons for this, such as the fact that the vulnerable applications after being updated might have unstable working or be incompatible with other applications, which is especially critical to servers. Yet another reason might be negligence on the part of the users, who often do not install updates for applications at all.
Moreover, after creating an update for an application the providers of software or antivirus services may issue a security bulletin which might contain information about the application containing the vulnerability, such as the threat level and urgency of the problem, the likelihood of the presence of the exploit for the particular vulnerability, and the potential harm. Furthermore, the security bulletin may contain the necessary instructions to repair the particular application, such as information about the updating of the application and its whereabouts for downloading. Thus, on the one hand the security bulletin helps to more quickly update the vulnerable applications for the users and, consequently, remove the vulnerabilities found in the application. On the other hand, these same security bulletins can also be utilized by hackers to create an exploit and subsequently use it for their own gain. This is due to the fact that, as explained above, it takes time for the majority of users and administrators to install the update and in some instances the users neglecting to update the vulnerable application. Thus, for example, the administrator of a corporate network or directly a computer system where the vulnerable application is installed will not necessarily apply the issued corrections at once, since the administrator must first perform a test to check the issued update containing the repair of the application with regard to the vulnerability found, for correctness of the subsequent operation of the application and for possible harm caused to the network or the computer system by the repaired application. Hence, once again it takes time to implement and repair an application containing a vulnerability.
Also, in certain cases, yet another factor of delay in the installing of an update to remove a vulnerability in an application is the lack of any notification, whether of the administrator of the network or system or of the vulnerable applications themselves as to the release of the new update repairing the vulnerability in the application.
Thus, there is a need to solve the problem of protecting a corporate network or computer systems against exploitation of vulnerabilities in software applications deployed thereon, particularly during the time interval between discovery of a vulnerability of a software application and until the vulnerability is corrected.